Automated security code scanners will assess source code for insecure security controls and source code. Furthermore, our security researchers will manually verify the vulnerabilities against the live systems for better assessment accuracy.
If customized applications are built based on open source software such as WordPress, source code review is usually required to ensure the custom code free from security flaws.
1. Search for insecure source code
- Step 1: Preliminary proposal
Our consultants will work with you to understand your business objectives and cyber security requirements, and tailor our service to these to deliver maximum benefit.
- Step 2: Source code review
Our consultants will scan through your codes to further provides insight into the “real risk” associated with insecure code. This is the single most important value from a manual approach.
- Step 3: Source code review report
Our consultants will provide you with a detailed report that clearly states the vulnerabilities identified during the security source code review.
2. Our Services
2.1 Source Code Review
Using both automated scanner and manual code review, our team will assess the source code of your Java, PHP, and .NET applications and check it for different types of vulnerabilities.
- Injection flaws
- Business logic vulnerability
- Cross Site Scripting (XSS)
- Cross Site Request Forgery (CSRF)
- Improper authentication or session management
- And more…